Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          hMwYEGrwFPOr6V3mNt8XOKdZhnYadNgunOc+o3wYBcQ=
Subject key identifier:   BF:0E:95:B6:45:3E:65:46:23:11:E9:0E:DE:9D:EC:FF:44:6D:1A:12
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       019921B0B23D63DFC5DA79BD4D2FAFEA83DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          0B68
Signing time:             Sun 07 Sep 2025 01:00:51 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:51 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:51 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: 4lxQHm6nOiQKfX7scAwGhcRwETY6Qh2hGsyK1nWmtXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:b2:3d:63:df:c5:da:79:bd:4d:2f:af:ea:83:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Sep  7 01:00:51 2025 GMT
            Not After : Sep  8 01:00:51 2025 GMT
        Subject: CN=bf0e95b6453e65462311e90ede9decff446d1a12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ba:9f:69:86:54:f8:c4:c5:db:ab:4c:d9:f5:
                    7b:a2:e3:6d:61:39:fb:0e:a8:38:38:7a:b9:ca:7e:
                    ce:f2:77:d5:2e:63:d2:70:1d:62:ef:2c:39:4d:a1:
                    25:ff:aa:b7:55:4e:85:9b:dd:a9:25:d0:ff:3d:ff:
                    4d:df:66:b0:76:9e:e9:92:cc:54:a7:b4:47:d6:ba:
                    41:28:ab:c1:62:3d:40:36:8d:07:fb:30:0e:44:b6:
                    af:ec:9b:e3:4b:34:be:b5:85:6f:c6:88:39:f3:51:
                    2b:05:ed:a9:e2:81:c1:2b:03:19:3d:d0:54:6e:20:
                    86:5b:29:c5:bc:d8:21:f0:80:34:80:f4:55:9f:7c:
                    56:3c:e0:c9:30:f6:11:d7:15:7d:d2:97:7b:67:b2:
                    7d:87:82:e4:e0:f3:81:b3:4e:99:74:08:ba:38:7a:
                    ad:e5:a2:99:87:a7:4d:77:19:e5:7a:56:36:03:4f:
                    98:2e:79:0f:84:d8:8c:4e:75:72:69:e3:dd:52:3b:
                    88:5d:5d:f1:0b:ec:8c:7b:a0:45:ee:1d:d5:95:99:
                    5b:8b:6a:f9:51:a1:5c:b4:93:62:b2:3d:0e:65:72:
                    fd:fd:bd:44:bb:62:d6:59:11:f4:62:5b:f9:30:fb:
                    aa:cc:cd:4f:f7:d1:46:e6:11:a7:3a:4c:f1:49:48:
                    1c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:0E:95:B6:45:3E:65:46:23:11:E9:0E:DE:9D:EC:FF:44:6D:1A:12
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:3f:f5:c7:09:36:16:22:8e:f9:83:45:8a:b9:f2:0b:18:1a:
         a7:3f:22:87:db:7c:7e:b1:23:df:0f:a0:e0:09:69:cf:44:21:
         6f:90:82:07:db:c1:8b:fe:ce:a3:af:ac:66:3e:a6:4c:06:38:
         0b:88:e3:fa:72:48:11:61:7c:27:b5:6d:9c:65:bb:f6:8b:a1:
         39:25:0c:52:07:ff:6a:7e:06:a1:d0:31:e5:98:fa:38:ea:52:
         dd:ca:a4:d2:44:d1:5b:17:d7:97:97:7b:23:03:8c:e7:60:5e:
         fc:1f:3b:12:c4:30:4a:26:94:f3:44:83:ac:0a:56:e3:96:49:
         5d:b4:64:a2:5c:04:14:48:8a:bf:45:e1:c0:63:a3:2b:e4:47:
         23:be:c9:08:94:e9:f7:ea:ad:f5:f9:5d:da:aa:3a:45:e5:3f:
         30:4d:cb:b0:3e:1d:02:f4:84:fc:1d:5b:50:26:89:c0:1d:2d:
         0b:74:c2:fb:4c:d0:0f:bb:ee:87:e6:d9:16:a1:ed:3d:51:75:
         75:9a:6f:11:87:59:bf:b3:db:c2:a7:35:16:04:f4:43:88:ac:
         d0:a1:4f:97:4c:b5:48:5d:44:c5:02:cb:5b:23:f2:4b:9f:bb:
         c1:04:d3:28:2d:ad:aa:f8:f7:bc:0b:8d:ba:c7:bb:bf:53:30:
         5b:a6:46:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsLI9Y9/F2nm9TS+v6oPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUwOTA3MDEwMDUxWhcNMjUwOTA4MDEwMDUxWjAzMTEwLwYDVQQD
EyhiZjBlOTViNjQ1M2U2NTQ2MjMxMWU5MGVkZTlkZWNmZjQ0NmQxYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7qfaYZU+MTF26tM2fV7ouNtYTn7
Dqg4OHq5yn7O8nfVLmPScB1i7yw5TaEl/6q3VU6Fm92pJdD/Pf9N32awdp7pksxU
p7RH1rpBKKvBYj1ANo0H+zAORLav7JvjSzS+tYVvxog581ErBe2p4oHBKwMZPdBU
biCGWynFvNgh8IA0gPRVn3xWPODJMPYR1xV90pd7Z7J9h4Lk4POBs06ZdAi6OHqt
5aKZh6dNdxnlelY2A0+YLnkPhNiMTnVyaePdUjuIXV3xC+yMe6BF7h3VlZlbi2r5
UaFctJNisj0OZXL9/b1Eu2LWWRH0Ylv5MPuqzM1P99FG5hGnOkzxSUgcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8OlbZFPmVGIxHpDt6d7P9EbRoSMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXj/1xwk2
FiKO+YNFirnyCxgapz8ih9t8frEj3w+g4Alpz0Qhb5CCB9vBi/7Oo6+sZj6mTAY4
C4jj+nJIEWF8J7VtnGW79ouhOSUMUgf/an4GodAx5Zj6OOpS3cqk0kTRWxfXl5d7
IwOM52Be/B87EsQwSiaU80SDrApW45ZJXbRkolwEFEiKv0XhwGOjK+RHI77JCJTp
9+qt9fld2qo6ReU/ME3LsD4dAvSE/B1bUCaJwB0tC3TC+0zQD7vuh+bZFqHtPVF1
dZpvEYdZv7Pbwqc1FgT0Q4is0KFPl0y1SF1ExQLLWyPyS5+7wQTTKC2tqvj3vAuN
use7v1MwW6ZGnQ==
-----END CERTIFICATE-----